English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 49378/84106 (59%)
造訪人次 : 7376008      線上人數 : 96
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋
    請使用永久網址來引用或連結此文件: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/34122


    題名: 以HIPAA為基礎之強化隱私權保護的電子病歷安全管控
    其他題名: A security management of electrical patient record based HIPAA with enhanced privacy protection
    作者: 許桓碩;Hsu, Huan-shuo
    貢獻者: 淡江大學資訊管理學系碩士班
    李鴻璋;Lee, Hung-chang
    關鍵詞: HIPAA;橢圓曲線;病患隱私權;HIPAA;Elliptic Curve Cryptography;patient’s privacy
    日期: 2008
    上傳時間: 2010-01-11 04:56:53 (UTC+8)
    摘要: 現在越來越多的醫療院所利用資訊科技來提供醫療服務,如何保護極為隱私的病患資訊,也是各大醫療院所對於資訊安全管理上非常重要的課題。於是1996年8月在美國柯林頓總統任內所通過的重要醫療保險可攜性責任法案(HIPAA),此法案制定了在醫療方面的資訊安全規範,以提升整體醫療品質。其中隱私權條文規定了病患對個人的醫療資訊必須擁有更多的控制權利,以及醫療資料的使用與揭露都應該受到管制。
    本研究設計一個符合HIPAA 法案中規範的安全控管要件,滿足電子病歷會有其交流的必要性,同時也需考量到病患不需要將不相干的醫療資訊暴露在醫療人員面前。於是病患與院方之間為了將病歷作安全防護所建立的交談式金鑰,必須建立在病患與各醫科之間。當醫療人員有需要參考病患在其他醫科的病歷時,在應用存取控制的機制下,可透過院方取得該病歷。如果病患在別間醫院仍可以做跨院的病歷交流來取得病歷。
    另外在安全管控演算機制中,應用了橢圓曲線的優點,如執行效率快、安全度更高以及在相同安全度下具有較短的金鑰長度,以建立所需之基本金鑰,實驗數值[13]說明它比DSA演算機制快約30%。
    Nowadays, more and more healthcare providers use information systems to provide healthcare services. How to protect the private patient’s information is an important issue about security management of information to all healthcare providers. The Health Insurance Portability and Accountability Act enacted by the United State Congress in August, 1996, is the Federal Law which applies to the U.S healthcare industry. HIPAA specifies the guideline about health information security to enhance the healthcare quality. The regulations about patient’s privacy specifically indicate that the patients should have more power to control themselves’ health record, and the use and the disclosure of health information should be under the control safely.
    This research is to design a management of security to comply with HIPAA, to satisfy the necessity to exchange the electrical patient’s record, and to consider that the patients don’t need to disclosure the irrelevant health information to the healthcare workers. Therefore the session keys are made between the patient and each department of the hospital. If healthcare workers need to refer to the patient’s record in other department, they can get the record through the hospital using the mechanism of access control. Even the record is in other hospital, they are still able to get the record through the mechanism of interflow of electrical patient’s record between hospitals.
    Besides, the mechanism of security uses the advantage of elliptic curve cryptography, ex. better efficiency, stringer security, and shorter key length under the same security level. For the time cost establishing the key, the experiment result [13] shows that elliptic curve cryptography is quicker than DSA mechanism about 30%
    顯示於類別:[資訊管理學系暨研究所] 學位論文

    文件中的檔案:

    檔案 大小格式瀏覽次數
    0KbUnknown316檢視/開啟

    在機構典藏中所有的資料項目都受到原著作權保護.

    TAIR相關文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回饋